Example 26 with AuthenticationInfo
use of org.apache.sling.auth.core.spi.AuthenticationInfo in project sling by apache.
the class AuthenticationInfoTest method testClear.
@Test
public void testClear() {
final char[] pwd = new char[6];
final AuthenticationInfo info = new AuthenticationInfo("test", "name", pwd);
Assert.assertEquals("test", info.getAuthType());
Assert.assertEquals("name", info.getUser());
assertSame(pwd, info.getPassword());
info.clear();
// AUTH_TYPE still contained
Assert.assertEquals(1, info.size());
Assert.assertEquals("test", info.getAuthType());
assertFalse(info.containsKey(ResourceResolverFactory.USER));
assertFalse(info.containsKey(ResourceResolverFactory.PASSWORD));
}
Also used :
AuthenticationInfo(org.apache.sling.auth.core.spi.AuthenticationInfo)
Test(org.junit.Test)
Example 27 with AuthenticationInfo
use of org.apache.sling.auth.core.spi.AuthenticationInfo in project sling by apache.
the class FormAuthenticationHandler method extractRequestParameterAuthentication.
// --------- Request Parameter Auth ---------
private AuthenticationInfo extractRequestParameterAuthentication(HttpServletRequest request) {
AuthenticationInfo info = null;
// to the j_security_check URL
if (REQUEST_METHOD.equals(request.getMethod()) && request.getRequestURI().endsWith(REQUEST_URL_SUFFIX)) {
String user = request.getParameter(PAR_J_USERNAME);
String pwd = request.getParameter(PAR_J_PASSWORD);
if (user != null && pwd != null) {
info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH, user, pwd.toCharArray());
info.put(AuthConstants.AUTH_INFO_LOGIN, new Object());
// a validation request
if (!AuthUtil.isValidateRequest(request)) {
AuthUtil.setLoginResourceAttribute(request, request.getContextPath());
}
}
}
return info;
}
Also used :
AuthenticationInfo(org.apache.sling.auth.core.spi.AuthenticationInfo)
Example 28 with AuthenticationInfo
use of org.apache.sling.auth.core.spi.AuthenticationInfo in project sling by apache.
the class FormAuthenticationHandler method createAuthInfo.
private AuthenticationInfo createAuthInfo(final String authData) {
final String userId = getUserId(authData);
if (userId == null) {
return null;
}
final AuthenticationInfo info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH, userId);
if (jaasHelper.enabled()) {
//JcrResourceConstants.AUTHENTICATION_INFO_CREDENTIALS
info.put("user.jcr.credentials", new FormCredentials(userId, authData));
} else {
info.put(attrCookieAuthData, authData);
}
return info;
}
Also used :
FormCredentials(org.apache.sling.auth.form.impl.jaas.FormCredentials)
AuthenticationInfo(org.apache.sling.auth.core.spi.AuthenticationInfo)
Example 29 with AuthenticationInfo
use of org.apache.sling.auth.core.spi.AuthenticationInfo in project sling by apache.
the class SlingAuthenticatorTest method test_childNodeShouldHaveAuthenticationInfo4.
/**
* Test is OK for same node with extension
* @throws Throwable
*/
@Test
public void test_childNodeShouldHaveAuthenticationInfo4() throws Throwable {
final String AUTH_TYPE = "AUTH_TYPE_TEST";
final String PROTECTED_PATH = "/content/en/test";
final String REQUEST_CHILD_NODE = "/content/en/test.html";
SlingAuthenticator slingAuthenticator = new SlingAuthenticator();
PathBasedHolderCache<AbstractAuthenticationHandlerHolder> authRequiredCache = new PathBasedHolderCache<AbstractAuthenticationHandlerHolder>();
authRequiredCache.addHolder(buildAuthHolderForAuthTypeAndPath(AUTH_TYPE, PROTECTED_PATH));
PrivateAccessor.setField(slingAuthenticator, "authHandlerCache", authRequiredCache);
final HttpServletRequest request = context.mock(HttpServletRequest.class);
buildExpectationsForRequestPathAndAuthPath(request, REQUEST_CHILD_NODE, PROTECTED_PATH);
AuthenticationInfo authInfo = (AuthenticationInfo) PrivateAccessor.invoke(slingAuthenticator, "getAuthenticationInfo", new Class[] { HttpServletRequest.class, HttpServletResponse.class }, new Object[] { request, context.mock(HttpServletResponse.class) });
/**
* The AUTH TYPE defined aboved should be used for the path /test and his children: eg /test/childnode.
*/
Assert.assertTrue(AUTH_TYPE.equals(authInfo.getAuthType()));
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
AuthenticationInfo(org.apache.sling.auth.core.spi.AuthenticationInfo)
Test(org.junit.Test)
Example 30 with AuthenticationInfo
use of org.apache.sling.auth.core.spi.AuthenticationInfo in project sling by apache.
the class SlingAuthenticatorTest method test_siblingNodeShouldNotHaveAuthenticationInfo.
/**
* JIRA: SLING-6053
* Issue can be reproduced with the following steps:
*
* Create node "/page"
* Create sibling node "/page1"
* Define an auth handler for node: "/page"
*
* Expected: "/page" has AuthenticationInfo
* "/page1" does not have AuthenticationInfo (has anonymous)
*
* Actual: "/page" & "page1" are both having AuthenticationInfo
*
*
* @throws Throwable
*/
@Test
public void test_siblingNodeShouldNotHaveAuthenticationInfo() throws Throwable {
final String AUTH_TYPE = "AUTH_TYPE_TEST";
final String PROTECTED_PATH = "/content/en/test";
final String REQUEST_NOT_PROTECTED_PATH = "/content/en/test2";
SlingAuthenticator slingAuthenticator = new SlingAuthenticator();
PathBasedHolderCache<AbstractAuthenticationHandlerHolder> authRequiredCache = new PathBasedHolderCache<AbstractAuthenticationHandlerHolder>();
authRequiredCache.addHolder(buildAuthHolderForAuthTypeAndPath(AUTH_TYPE, PROTECTED_PATH));
PrivateAccessor.setField(slingAuthenticator, "authHandlerCache", authRequiredCache);
final HttpServletRequest request = context.mock(HttpServletRequest.class);
buildExpectationsForRequestPathAndAuthPath(request, REQUEST_NOT_PROTECTED_PATH, PROTECTED_PATH);
AuthenticationInfo authInfo = (AuthenticationInfo) PrivateAccessor.invoke(slingAuthenticator, "getAuthenticationInfo", new Class[] { HttpServletRequest.class, HttpServletResponse.class }, new Object[] { request, context.mock(HttpServletResponse.class) });
/**
* The AUTH TYPE defined aboved should not be used for the path /test2.
*/
Assert.assertFalse(AUTH_TYPE.equals(authInfo.getAuthType()));
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
AuthenticationInfo(org.apache.sling.auth.core.spi.AuthenticationInfo)
Test(org.junit.Test)
Aggregations
AuthenticationInfo (org.apache.sling.auth.core.spi.AuthenticationInfo)36
Test (org.junit.Test)25
HttpServletRequest (javax.servlet.http.HttpServletRequest)8
HttpServletResponse (javax.servlet.http.HttpServletResponse)8
SimpleCredentials (javax.jcr.SimpleCredentials)4
IOException (java.io.IOException)3
Collection (java.util.Collection)2
Credentials (javax.jcr.Credentials)2
LoginException (org.apache.sling.api.resource.LoginException)2
Method (java.lang.reflect.Method)1
AccountLockedException (javax.security.auth.login.AccountLockedException)1
AccountNotFoundException (javax.security.auth.login.AccountNotFoundException)1
CredentialExpiredException (javax.security.auth.login.CredentialExpiredException)1
Cookie (javax.servlet.http.Cookie)1
HttpSession (javax.servlet.http.HttpSession)1
ResourceResolver (org.apache.sling.api.resource.ResourceResolver)1
FormCredentials (org.apache.sling.auth.form.impl.jaas.FormCredentials)1
XingUser (org.apache.sling.auth.xing.api.XingUser)1
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)1
Token (org.scribe.model.Token)1
